General

  • Target

    NEAS.2023-09-08_fd74fa026b79dabc3e8b18a1abb53abe_icedid_JC.exe

  • Size

    1.5MB

  • Sample

    231021-zddvbabf39

  • MD5

    fd74fa026b79dabc3e8b18a1abb53abe

  • SHA1

    4a830b02c52d0afc3979737d41d59ed47b843524

  • SHA256

    479165421e41c1dbfc91dff0653d4910f43a64d2dd40744783b493b25b9e9946

  • SHA512

    7f1c8538298e26ae98e1d2c3997d5a30de9380a8ff0d8d4071d88f52f8cb3f03baa8283d3172806f29ff7f78374852a9bea4c69ad0edb029eaeee23ae24bdbd6

  • SSDEEP

    24576:Bd6hy43m6UfrVtApyjomsKUMtENW4AFmCWVnbsAS:BshTm6UfrVtApyMmsKUMtENXHCWdYA

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive items.

    • Checks whether UAC is enabled

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks